Summary: The SQL Injection attack is a famous exploit used to inject a harmful SQL command in a SQL statement by a malicious user. This attack takes advantages of input data that is not checked by the application and by the databases when there is a input field, either a web-based or a desktop-based application. This video shows how this type of attack exploit simple SELECT statements and stored procedures an them explain a few steps that can be taken by the DBA and by the developers in order to prevent a SQL Injection attack in SQL Server 2005.

Methodology: The theory of the SQL Injection attack is explained by two examples of SQL statements and then the video discuss a few sted that can be taken by the developers and the DBA in order to prevent the SQL Injection attack in SQL Server 2005.

Built Examples: How to change the characters in a string using the REPLACE function and how to delimit identifiers using the QUOTENAME function.

Mauro Pichiliani has the Master of Science degree on collaborative systems by the Aeronatics Institute of Technology (ITA) in Brazil. He is a specialist on database technologies with more than 8 years of experience on the industry...

To have full access to this post (or download the associated files) you must have MrBool Credits.

See the prices for this post in Mr.Bool Credits System below:

Individually – in this case the price for this post is US$ 2,00 (Buy it now)in this case you will buy only this video by paying the full price with no discount.

Package of 10 credits - in this case the price for this post is US$ 1,00This subscription is ideal if you want to download few videos. In this plan you will receive a discount of 50% in each video. Subscribe for this package!

Package of 50 credits – in this case the price for this post is US$ 0,33This subscription is ideal if you want to download several videos. In this plan you will receive a discount of 83% in each video.Subscribe for this package!